Hey Spicers,
I am currently testing out a Ubiquiti UniFi AP. My end goal is to have all wireless clients authenticate with their Active Directory username/password. I don't have much experience with setting up a secure wireless network so please forgive me if I miss a simple step along the way.
Here is what I've done so far:
1. Configured the UniFi AP with a static IP address, set up the SSID, set security to WPA-Enterprise, entered the IP address of the Server 2008 R2 machine running RADIUS (192.168.2.14) and set the password.
2. On Server 2008 R2 (RADIUS server), I've added the IP address of the UniFi AP as a RADIUS client (192.168.2.49) and set the password (same one as entered on the UniFi AP).
3. On the server, I've also set up a new Network Policy.
- Allow access based on user group (profile must be a member of the AD group)
- Under Authentication Method I have the following selected:
  MS-CHAP-v2
  MS-CHAP
- Under NAS Port Type I have "Wireless - IEEE 802.11" selected (listed under Common 802.1X connection tunnel types) and also "Wireless - Other" (listed under the Others section)
4. For the user I've been testing the connection with, I've also made sure they are part of the AD group that is allowed access in the network policy I set up, and on the "Dial-In" tab I have "Control Access through NPS Network Policy" selected.
I haven't had much luck though. From a Windows 7 laptop, I can see the SSID and get the network authentication screen where I can enter my domain u/p, but there is no connection after that.
Any suggestions/help is greatly appreciated!